Pete Chestna

As Director of Developer Engagement, Pete provides customers with practical advice on how to successfully roll out developer-centric application security programs. Relying on more than 10 years of direct AppSec experience as both a developer and development leader, Pete provides information on best practices amassed from working with CA Veracode’s 1,000+ customers. Pete joined CA Veracode in 2006 as a platform developer and was instrumental in delivering the first version of CA Veracode’s service to customers. Later, as Director of Platform Engineering, Pete managed the Agile teams responsible for delivering CA Veracode’s SaaS platform and built the first DevOps team.  Pete also...
Posts by Pete Chestna

Find it Early, Fix it Early: PETETalks

December 15, 2014

In my recent blog post I discussed some of the fundamental tenets of the agile methodology of software development – one of which is keeping developers working efficiently within their tool chain.  Having held the role of Scrum Master myself, I’ve had the responsibility to ensure that members of my development team have the tools they need to finish their tasks at hand before... READ MORE

Secure Agile Development. Think like a Developer.

November 5, 2014

As you lead your organization in securing software development and delivery, you will come across several challenges – despite the recent growth and increased adoption of the agile methodology. Application vulnerabilities and coding issues are typically time-consuming to find, document, and fix with traditional testing tools. Short agile sprints don’t lend themselves to these long processes;... READ MORE

Four Steps to Successfully Implementing Security into a Continuous Development Shop

July 23, 2014

18458476_s_2.jpg So you live in a continuous deployment shop and you have been told to inject security into the process. Are you afraid? Don’t be. When the world moved from waterfall to agile, did everything go smoothly? Of course not – you experienced setbacks and hiccups, just like everyone else. But, eventually you worked through the setbacks and lived to tell the tale. As with any... READ MORE

Secure Agile Q&A: Scale, Continuous Integration and Policies

June 16, 2014

QA-crop_2.jpg Last week I took some time to answer viewer questions from my webinar, “Secure Agile Through Automated Toolchains: How CA Veracode R&D Does It”. This is my second post to respond to questions from the webinar so if you haven’t yet read the the first one check it out here. My first post focused on questions regarding integration with environments such as Microsoft... READ MORE

Secure Agile Q&A: API’s, IDE’s and Environment Integration

May 27, 2014

A few weeks back, I hosted a webinar called “Secure Agile Through Automated Toolchains: How CA Veracode R&D Does It”, and in this webinar I discussed the importance of security testing and how to integrate it into the Agile SDLC. There were so many questions from our open discussion following the webinar that I have taken this time to follow up with them. Thank you to everyone... READ MORE

Love to learn about Application Security?

Get all the latest news, tips and articles delivered right to your inbox.

 

 

 

contact menu